package com.chujian.system.auth.controller;

import com.chujian.framework.auth.Accessor;
import com.chujian.framework.auth.SecurityConst;
import com.chujian.framework.core.base.TsDataController;
import com.chujian.framework.core.tsdata.Result;
import com.chujian.system.auth.service.impl.TokenService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
@Slf4j
public class TokenController extends TsDataController {

    @Autowired
    private TokenService tokenService;

    /**
     * 验证token,网关调用
     *
     * @param uri   访问资源uri，用于鉴权
     * @param token 加密Token，用于验证token
     * @return Result
     */
    @PostMapping("/token/validateJwtToken")
    public Result<?> verifyToken(@RequestParam("uri") String uri, @RequestHeader(SecurityConst.TOKEN_HEADER) String token) {
        try {
            log.debug("校验token:{}", token);
            Accessor accessor = tokenService.verifyToken(token, true);

            // TODO url鉴权

            return okRs(accessor);
        } catch (Exception e) {
            log.error("token验证失败, token:{}", token, e);
            return errRs("无效token");
        }
    }

}
